[VIM] True: XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability

George A. Theall theall at tenablesecurity.com
Wed Jun 13 18:30:24 UTC 2007

Previous message: [VIM] True: XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
Next message: [VIM] True: XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/13/07 14:00, str0ke wrote:

> Are you sure that authentication is needed for this to be exploitable?

No, it's not. The admin just needs to tweak permissions so that 
anonymous users have access to it.

George
-- 
theall at tenablesecurity.com

Previous message: [VIM] True: XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
Next message: [VIM] True: XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the VIM mailing list